Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/827A74CABE7011ED8AC2B446C4F9AE02.roa
File:                     827A74CABE7011ED8AC2B446C4F9AE02.roa (raw, json)
Hash identifier:          BMnMYg0aQvblFtLmvhQYw0DI44EBanp3zGrgut5pZo8=
Subject key identifier:   85:70:B1:D0:10:90:69:1A:A6:13:D0:D0:06:2C:86:47:F1:61:7F:15
Certificate issuer:       /CN=A91A6131/serialNumber=7B059CCC60BAAAFCF6F141216EFDD68E870C2551
Certificate serial:       0674
Authority key identifier: 7B:05:9C:CC:60:BA:AA:FC:F6:F1:41:21:6E:FD:D6:8E:87:0C:25:51
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewWczGC6qvz28UEhbv3WjocMJVE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/827A74CABE7011ED8AC2B446C4F9AE02.roa
Signing time:             Fri 28 Jul 2023 22:59:21 +0000
ROA not before:           Fri 28 Jul 2023 22:59:21 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     212335
IP address blocks:        43.255.83.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1652 (0x674)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A6131/serialNumber=7B059CCC60BAAAFCF6F141216EFDD68E870C2551
        Validity
            Not Before: Jul 28 22:59:21 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64c44849-3f68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:1f:98:08:d9:69:a1:2c:32:f9:2b:c7:f8:36:
                    30:db:8f:83:e3:15:50:a5:b7:b3:1c:83:37:eb:58:
                    13:59:2c:30:14:09:f1:09:dc:39:d9:64:32:d9:9a:
                    15:e1:dc:73:cf:db:f6:14:ea:ef:5d:6c:d7:69:11:
                    93:80:b3:64:34:a2:da:39:88:91:b6:9e:54:fb:d3:
                    f1:34:92:9f:11:6d:16:88:fe:01:59:32:89:70:8b:
                    eb:82:23:c5:36:50:99:d9:01:b2:9a:15:07:ba:bf:
                    7e:66:91:d1:40:32:27:a6:ad:0b:b2:1f:10:62:ba:
                    82:e4:e5:e7:1b:1b:99:76:99:3d:f5:30:3f:99:34:
                    38:e0:d1:2a:6c:83:c1:36:2f:4e:a2:a5:42:ff:e7:
                    67:f2:1a:97:7b:a0:1a:c9:c5:dc:bd:c3:87:d2:49:
                    84:61:2f:53:8e:a1:0c:e2:17:69:ef:4c:2a:50:1d:
                    95:de:da:d3:b5:df:58:dd:a7:74:ba:42:60:d1:91:
                    24:26:61:a9:41:43:de:a9:87:18:37:91:25:0b:18:
                    65:cb:f7:ce:49:43:39:77:9f:1a:a5:81:bc:d3:42:
                    cd:f7:e6:05:4a:10:61:83:66:d7:a0:42:e0:12:b4:
                    72:c5:8f:2b:4b:b8:18:a3:37:91:d2:b4:2a:b5:4c:
                    7c:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:70:B1:D0:10:90:69:1A:A6:13:D0:D0:06:2C:86:47:F1:61:7F:15
            X509v3 Authority Key Identifier:
                keyid:7B:05:9C:CC:60:BA:AA:FC:F6:F1:41:21:6E:FD:D6:8E:87:0C:25:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/ewWczGC6qvz28UEhbv3WjocMJVE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewWczGC6qvz28UEhbv3WjocMJVE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6131/0FCB3D3828D611EB84E4C93BC4F9AE02/827A74CABE7011ED8AC2B446C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.255.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:50:f6:09:64:84:c1:bc:18:a6:04:30:17:62:09:8d:70:a4:
         f9:b9:9e:8f:cd:15:4c:08:74:00:fe:48:ca:d1:ee:4b:f1:17:
         91:60:b8:43:b8:64:b7:90:e8:c8:a0:41:8d:72:44:96:94:e5:
         7a:ea:7d:c5:10:ab:62:90:b1:38:15:f7:cc:0c:fa:c4:60:6f:
         6f:06:5a:a1:da:5d:e6:8c:50:02:db:02:46:07:59:22:57:f8:
         fd:2e:1d:a6:16:e0:1c:08:22:59:9c:25:b9:bc:67:de:6b:fc:
         4f:be:27:ce:c3:cb:bc:45:af:3f:5f:2b:83:e4:6b:f1:19:f6:
         18:65:0f:c8:ed:78:d3:c6:9a:55:16:e2:ed:87:59:f0:9d:f3:
         9b:5c:14:16:21:ce:12:71:64:32:be:b8:6c:d7:7d:8a:d1:f7:
         91:e6:e4:f8:8a:b1:21:7d:ad:0f:52:51:5f:72:34:92:80:16:
         70:99:eb:7f:2b:98:9c:84:0b:93:70:4e:1d:33:88:b4:70:7e:
         13:f8:d6:58:21:28:b9:bf:5b:d9:09:bb:b7:94:c6:6b:a1:8b:
         ba:7c:c9:53:2f:72:a9:dd:91:93:a5:30:50:64:6c:be:3e:13:
         79:a6:d5:6a:3e:63:3c:0d:5e:a8:67:f7:3b:2a:f0:bf:d1:f0:
         65:b2:b7:b4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTYxMzExMTAvBgNVBAUTKDdCMDU5Q0NDNjBCQUFBRkNGNkYxNDEyMTZFRkRENjhF
ODcwQzI1NTEwHhcNMjMwNzI4MjI1OTIxWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM0NDg0OS0zZjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5h+YCNlpoSwy+SvH+DYw24+D4xVQpbezHIM361gTWSwwFAnxCdw52WQy2ZoV
4dxzz9v2FOrvXWzXaRGTgLNkNKLaOYiRtp5U+9PxNJKfEW0WiP4BWTKJcIvrgiPF
NlCZ2QGymhUHur9+ZpHRQDInpq0Lsh8QYrqC5OXnGxuZdpk99TA/mTQ44NEqbIPB
Ni9OoqVC/+dn8hqXe6AaycXcvcOH0kmEYS9TjqEM4hdp70wqUB2V3trTtd9Y3ad0
ukJg0ZEkJmGpQUPeqYcYN5ElCxhly/fOSUM5d58apYG800LN9+YFShBhg2bXoELg
ErRyxY8rS7gYozeR0rQqtUx8RwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIVwsdAQ
kGkaphPQ0AYshkfxYX8VMB8GA1UdIwQYMBaAFHsFnMxguqr89vFBIW791o6HDCVR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjEzMS8wRkNCM0QzODI4
RDYxMUVCODRFNEM5M0JDNEY5QUUwMi9ld1djekdDNnF2ejI4VUVoYnYzV2pvY01K
VkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V3V2N6R0M2cXZ6MjhVRWhidjNXam9jTUpWRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTYxMzEvMEZDQjNEMzgyOEQ2MTFFQjg0RTRDOTNCQzRGOUFFMDIvODI3QTc0Q0FC
RTcwMTFFRDhBQzJCNDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr/1MwDQYJKoZIhvcNAQELBQADggEBAL5Q9glkhMG8GKYE
MBdiCY1wpPm5no/NFUwIdAD+SMrR7kvxF5FguEO4ZLeQ6MigQY1yRJaU5XrqfcUQ
q2KQsTgV98wM+sRgb28GWqHaXeaMUALbAkYHWSJX+P0uHaYW4BwIIlmcJbm8Z95r
/E++J87Dy7xFrz9fK4Pka/EZ9hhlD8jteNPGmlUW4u2HWfCd85tcFBYhzhJxZDK+
uGzXfYrR95Hm5PiKsSF9rQ9SUV9yNJKAFnCZ638rmJyEC5NwTh0ziLRwfhP41lgh
KLm/W9kJu7eUxmuhi7p8yVMvcqndkZOlMFBkbL4+E3mm1Wo+YzwNXqhn9zsq8L/R
8GWyt7Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:36 2024 by rpki-client on console-fra.rpki-client.org